Where would you check to see if the same user was trying to log on again, in the LoginContext? I can check in the Session and see if a user is logged on or not, but I can not check to see if it is the same user unless I keep the userid and password in the session. I would like to do it in the LoginContext and throw an Exception if it is the same user. The way it is now, I get a LoginException from the LoginContainer if I try to log on again, but I have no way of knowing if it is because the same user is logged on or not.
public void login(LoginContext context) throws LoginException { ... if (subjects.containsKey(key)) throw new LoginException("Already logged in through this context ").setLoginContext(context); ... } How would you suggest figuring out if it is the same user or not? > -----Original Message----- > From: Maurice Marrink [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 25, 2008 10:02 AM > To: users@wicket.apache.org > Subject: Re: Wicket-Security Back Button and Login more than once > > > We also use a "screensaver" but it does not use the login routines, > instead it just verifies the user input against the username and > password from the loggedin user. > Also you can a check on the loginpage to determine if there is already > a logged in user, if there is and it is the same username you can skip > logging in again. > > Maurice > > On Tue, Mar 25, 2008 at 5:41 PM, Warren > <[EMAIL PROTECTED]> wrote: > > How do you deal with the situation where a user uses the > browser back button > > and ends up on a login page and then trys to login again? In > other words, > > how do you allow a user to login more than once. I am also > running into this > > same situation when I manually throw a > > RestartResponseAtInterceptPageException(Login.class) exception. > > > > I need a 5 minute screen saver type of time out and then the > regular session > > expired time out. The screen saver would require the user to > login again and > > the pick-up where they left off, but if a new user logged in it would > > invalidate the previous users session and start the new user > from the home > > page. I wrote something that kind of works, but I keep running > into little > > problems with it. > > > > What would be the best way to do this? > > > > Thanks, > > > > Warren Bell > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]